shengqi158/Jackson-databind-RCE-PoC external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

shengqi158/Jackson-databind-RCE-PoC

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/shengqi158/Jackson-databind-RCE-PoC)

Close

shengqi158 / Jackson-databind-RCE-PoCView on GitHubMore

• External links
• Readme badge

☆83Jan 11, 2018Updated 8 years ago

Alternatives and similar repositories for Jackson-databind-RCE-PoC

Users that are interested in Jackson-databind-RCE-PoC are comparing it to the libraries listed below

• cowtowncoder / jackson-compat-minor

  View on GitHub
  Test repository for verifying compatibility between adjacent minor versions
  ☆36Mar 8, 2025Updated last year
• shengqi158 / fastjson-remote-code-execute-poc

  View on GitHub
  fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class，然后运行Poc.java
  ☆403Dec 16, 2022Updated 3 years ago
• shadowsock5 / jackson-databind-POC

  View on GitHub
  ☆19Mar 27, 2020Updated 5 years ago
• mpgn / CVE-2019-0192

  View on GitHub
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆210Mar 10, 2019Updated 7 years ago
• zerothoughts / spring-jndi

  View on GitHub
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116May 17, 2019Updated 6 years ago
• jas502n / zentao

  View on GitHub
  zentao Getshell
  ☆10Oct 27, 2020Updated 5 years ago
• shengqi158 / CVE-2018-2628

  View on GitHub
  CVE-2018-2628 & CVE-2018-2893
  ☆78Jul 20, 2018Updated 7 years ago
• vulhub / vulhub-ui

  View on GitHub
  [WIP] a simple UI for Vulhub
  ☆16Jun 10, 2021Updated 4 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• firstC99 / fastjson-1.2.47-RCE

  View on GitHub
  Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法
  ☆400Jan 24, 2025Updated last year
• AbelChe / jasyptAtuoDecrypt

  View on GitHub
  自动fuzz spring的加密密码，自动解密spring的加密密码
  ☆16Feb 4, 2023Updated 3 years ago
• tdy218 / ysoserial-cve-2018-2628

  View on GitHub
  Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch
  ☆114May 21, 2018Updated 7 years ago
• pyn3rd / CVE-2018-3252

  View on GitHub
  CVE-2018-3252-PoC
  ☆74Dec 7, 2018Updated 7 years ago
• Lucifaer / head_first_javarasp

  View on GitHub
  一些Java RASP demo
  ☆11Sep 26, 2019Updated 6 years ago
• brianwrf / WordPress_4.9.8_RCE_POC

  View on GitHub
  A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.
  ☆73Mar 18, 2019Updated 7 years ago
• Yt1g3r / CVE-2019-3396_EXP

  View on GitHub
  CVE-2019-3396 confluence SSTI RCE
  ☆174Oct 1, 2020Updated 5 years ago
• threedr3am / tomcat-cluster-session-sync-exp

  View on GitHub
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆212May 19, 2020Updated 5 years ago
• wuppp / shiro_rce_exp

  View on GitHub
  Shiro RCE (Padding Oracle Attack)
  ☆148Nov 15, 2019Updated 6 years ago
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• yhy0 / nucleiY

  View on GitHub
  承影用的 nuclei 漏扫模板
  ☆15Jun 11, 2023Updated 2 years ago
• joaomatosf / JavaDeserH2HC

  View on GitHub
  Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
  ☆521Mar 11, 2022Updated 4 years ago
• tobechenghuai / Shiro_721_Padding_Oracle_RCE

  View on GitHub
  Shiro_721 exp 纯手工实现Padding Oracle整个过程
  ☆67Nov 20, 2019Updated 6 years ago
• longofo / rmi-jndi-ldap-jrmp-jmx-jms

  View on GitHub
  rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
  ☆311Jun 17, 2022Updated 3 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• codeplutos / MySQL-JDBC-Deserialization-Payload

  View on GitHub
  MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload
  ☆13Feb 8, 2020Updated 6 years ago
• Libraggbond / CVE-2018-3191

  View on GitHub
  CVE-2018-3191 反弹shell
  ☆63Oct 23, 2018Updated 7 years ago
• SewellDinG / LearnSQLin

  View on GitHub
  📖面向MySQL注入的一些技巧
  ☆31May 25, 2017Updated 8 years ago
• 0Kee-Team / JavaProbe

  View on GitHub
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Apr 26, 2021Updated 4 years ago
• jas502n / jackson-CVE-2020-8840

  View on GitHub
  FasterXML/jackson-databind 远程代码执行漏洞
  ☆73Feb 21, 2020Updated 6 years ago
• LeadroyaL / fastjson-blacklist

  View on GitHub
  ☆835Jun 7, 2022Updated 3 years ago
• Ofirhamam / OracleOTM

  View on GitHub
  Python tool for exploiting CVE-2021-35616
  ☆11Dec 3, 2021Updated 4 years ago
• jas502n / CVE-2018-15982_EXP_IE

  View on GitHub
  CVE-2018-15982_EXP_IE
  ☆12Dec 12, 2018Updated 7 years ago
• Y4er / WebLogic-Shiro-shell

  View on GitHub
  WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
  ☆535Aug 25, 2020Updated 5 years ago
• pyn3rd / CVE-2019-0232

  View on GitHub
  Apache Tomcat Remote Code Execution on Windows
  ☆189Nov 27, 2019Updated 6 years ago
• Y4er / fastjson-bypass-autotype-1.2.68

  View on GitHub
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆229Oct 12, 2022Updated 3 years ago
• Y4er / CVE-2020-2551

  View on GitHub
  Weblogic IIOP CVE-2020-2551
  ☆338Apr 7, 2020Updated 5 years ago
• NickstaDB / BaRMIe

  View on GitHub
  Java RMI enumeration and attack tool.
  ☆745Sep 28, 2017Updated 8 years ago
• Ivan1ee / NET-Deserialize

  View on GitHub
  总结了20+.Net反序列化文章，持续更新
  ☆749Apr 3, 2024Updated last year
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,015Oct 15, 2020Updated 5 years ago